FAA CIO says security system development tops '03 priorities

By Dipka Bhambhani

Jan 16, 2003

The Federal Aviation Administration this year intends to develop mission support systems and boost cybersecurity within the enterprise architecture it created last year, said Daniel Mehan, assistant administrator and CIO at FAA.

'Enterprise architecture is a remarkably complex subject, but it's like the architecture of a house,' Mehan said today at a meeting sponsored by Input of Chantilly, Va. 'You need to know where the plumbing goes.'

The agency also plans to improve its Web site, data management and cybersecurity, among its other IT priorities for 2003, he said.

FAA has consulted focus groups to figure out how to improve its Web site and make it more user-friendly. It also is working with the White House Critical Infrastructure Protection Board to adhere to national standards for cybersecurity, Mehan said.

'The more interconnected you are, the more open you are, the more you have to have a focused cybersecurity policy,' he said. 'We're working our way to more integrated databases. We want to isolate elements and back up, so we have redundancy, and we want to harden each system.'

FAA is working with the Transportation Security Administration to begin a smart-card pilot this year and develop a public-key infrastructure. 'We hope to do [the pilot] before the end of the year,' he said.

The agency is working with the Massachusetts Institute of Technology's Lincoln Laboratories for mathematical intrusion detection tools that can 'sniff out if there's somebody on the network,' he said. Math tools will help protect FAA's networks by identifying usage patterns.

FAA also will look for ways to improve cybersecurity for wireless devices. 'The mobile environments are here, and what we need to do is figure out what we need to do with them,' he said.